Some thoughts on cyber warfare

As it’s slowly becoming clear that cyber warfare is going to become a decadal foreign policy challenge for the US, I’ve been thinking about what constructive comments I can make about the situation. The US is in a defensive position, which is inherently weak. Nevertheless, there are some broader political issues involved.

One of the provocative conclusions of a new book by Google’s Eric Smidt, which the Wall Street Journal reviewed in advance, is that this hacking crisis, along with government censorship, may result a fracturing of the internet. It is a plausible conclusion, given that China has almost succeeded in fracturing the world’s capital markets through its accounting glitches.

Much of Chinese and Asian development is predicated on the notion of networks. They build industrial ecosystems holistically, instead of organically (which is why they’re skeptical of open-market finance.) Japan, for instance, was really adept at pushing the standards that the entire industry would have to play by. On a deeper level, politeness itself (which was present in China before the Cultural Revolution) is a form of this standardization.

The big question is, can they adapt to networks that are not within their political control? Is this push for networks really a development model, or just a means for the government to exert its control? It is a very new question. For most of China’s history, the only networks that extended beyond China’s borders were based in trade, which is why today we have free trade in goods, but little else.

With these thoughts in mind, I have run across a couple of good ideas. Going with the working assumption that China will sabotage any Western-originated networks, one solution might be to create networks specifically designed to exclude China. This is the result of a proposal by Richard Clarke:

There are, nevertheless, significant opportunities to develop international collaborations to reduce the impact of cybercrime. An international cybercrime center could aggressively go after and disconnect computer networks used to steal credit card information and other personal data. The center could have “fly-away teams” of experts who could move to and assist a country with a cybercrime problem. The center could also document the failure of certain countries to assist investigations or successfully prosecute cybercriminals. Senior government leaders then would have to decide what to do about those de facto sanctuaries, beginning with multilateral diplomatic approaches.

I like this idea because unlike some other such voluntary organizations (like the League of Democracies, for instance) nobody would have any reason to suspect that the entrance criteria is different from the ultimate mission. China would clearly exclude itself from these inspections, and that fact would highlight exactly what it needed to highlight.

A second proposal would entail essentially going on the offense in the information war. The problems with hacking and state censorship are fundamentally connected (recommended read.) People here naturally assume that anyone would lie to protect their ‘face,’ and US accusations are simply not going to be believed. However, a longer-term goal will be to show that not all governments lie.

Once in a blue moon the Heritage Foundation comes out with an eminently reasonable idea, and here Derek Scissors proposes that the US should start publishing Chinese economics statistics. Why do economic data series amount to anything? Well, remember the uproar that happened when the US started publishing air pollution data for Beijing and Shanghai? The CCP knows they have a genuine vulnerability here. Economic statistics would multiply this issue by ten. Chinese statistics are the worst in the world, so I hear, rivaled only by Saudi Arabia, and if independent organizations started using the US-issued statistics over the Chinese ones, it would go a great way towards showing why the US is concerned with free information. More indirectly, it would also buy some credibility on the hacking issue.

I can’t really tie that one back into networks, but it seems like a good idea.